About the Company
* Our Mission:
Bluedrop was founded in Galway in 2015 with a very specific and critical mission: to predict and prevent one of the most devastating complications of diabetes, the diabetic foot ulcer, or DFU.
* The Problem We're Solving:
To give you a sense of the scale, there are 60 million people with diabetes in Europe alone. DFUs are the leading cause of non-traumatic amputation globally. It's a life-altering condition—healing can take over a year, is associated with high rates of depression, and even after healing, there's a 70% chance of getting another ulcer within 5 years.
* Our Solution:
We've developed a home-based monitoring system that looks just like a high-end bathroom scale. In a 30-second daily scan, it captures both thermal and photographic data from the patient's feet and sends it to the cloud.
About the Role
You'll design, secure, and monitor our GCP-based infrastructure (GKE, Terraform, BigQuery, Pub/Sub, Cloud Storage, Cloud Functions for AI) and CI/CD pipelines (GitLab). You will also manage and audit user access across cloud and application environments to ensure full compliance with HIPAA/FDA requirements.
Responsibilities
* Infrastructure as Code (Terraform):
Define secure GCP resources (projects, VPC, GKE, IAM, Cloud SQL, Pub/Sub, Artifact Registry, Secret Manager) with auditable change control.
* Kubernetes (GKE):
Operate hardened clusters (RBAC, PodSecurity, network policies, private clusters), manage deployments/rollouts, and troubleshoot workloads.
* Cloud Functions (AI workloads):
Automate deployment and monitoring of our AI cloud functions (Python-based inference & data processing), integrate with Pub/Sub, BigQuery, and downstream systems.
* CI/CD (GitLab):
Build pipelines with security gates (image scanning, SBOM, SAST/DAST, provenance/signing), environment promotions, and controlled releases.
* Security & Compliance:
  * Enforce HIPAA-like / FDA 21 CFR Part 11 controls (audit logs, least-privilege IAM, secret rotation).
  * Manage vulnerability scanning (containers, Terraform, dependencies).
  * Implement encryption in transit/at rest, key management (Cloud KMS).
  * Manage and audit user access:
    * Provision and de-provision user/service accounts.
    * Enforce least-privilege IAM roles and Kubernetes RBAC.
    * Ensure all access requests/changes are logged and auditable.
    * Support periodic access reviews and compliance reporting.
* Monitoring & Observability:
Deploy Prometheus + Grafana for metrics, dashboards, and alerts. Integrate with Google Cloud Monitoring/Logging for audit logs, structured logs, and long-term retention. Define SLIs/SLOs for core services and AI functions; drive error budgets.
* Data Platform Enablement:
Secure BigQuery with row-level security, enforce dataset IAM, and provide audit-friendly access patterns.
* Incident Response & Reliability:
Own runbooks, on-call rotations, and post-mortems; design backup/restore, DR testing, and HA strategies.
* Cost & Performance Optimization:
GKE autoscaling, BigQuery slot management, Cloud Functions scaling, and dashboards for spend visibility.
Qualifications
* 4+ years as DevOps/Platform/SRE in GCP production environments.
* Strong Terraform and Kubernetes (GKE) experience.
* Hands-on with deploying and managing Cloud Functions (Python).
* Experience managing IAM accounts, groups, and audit logs in GCP and Kubernetes.
* Familiarity with regulated/high-security environments (HIPAA, SOC2, ISO
* Experience with Prometheus/Grafana/Loki/Alloy/Elastic Stack and Cloud Monitoring.
* Strong GitLab CI/CD skills (multi-stage pipelines, scans, artifact signing, secure releases).
* Comfortable scripting/automating in Python.
Preferred Skills
* BigQuery operations (IAM, slot reservations, audit tables).
* Security certifications (CISSP, GCP Professional Cloud Security Engineer).
Equal Opportunity Statement
We are committed to diversity and inclusivity.